It does not matter how strongly encrypted your documents are. The fourth amendment in the US constitution gives law enforcement a legal tool called warrants, so you will have to provide a key to decrypt your documents if a warrant is issued by a judge.

If you as a third party do not comply with the warrant then you are obviously committing obstruction of justice .

It does not matter how strongly encrypted your documents are. The fourth amendment in the US constitution gives law enforcement a legal tool called warrants, so you will have to provide a key to decrypt your documents if a warrant is issued by a judge.

If you as a third party do not comply with the warrant then you are obviously committing obstruction of justice .

The ability for the US government to compel you to turn over passwords or other keys is hotly debated and the courts are by no means settled on it.

It does not matter how strongly encrypted your documents are. The fourth amendment in the US constitution gives law enforcement a legal tool called warrants, so you will have to provide a key to decrypt your documents if a warrant is issued by a judge.

If you as a third party do not comply with the warrant then you are obviously committing obstruction of justice .

If things are encrypted such that you do not have access to the plaintext of the documents, the only thing you can do is hand over the cyphertext. If it were obstruction of justice to be unable to comply with a warrant, we'd be able to put people in prison for not handing over a unicorn.

It does not matter how strongly encrypted your documents are. The fourth amendment in the US constitution gives law enforcement a legal tool called warrants, so you will have to provide a key to decrypt your documents if a warrant is issued by a judge.

If you as a third party do not comply with the warrant then you are obviously committing obstruction of justice .

The ability for the US government to compel you to turn over passwords or other keys is hotly debated and the courts are by no means settled on it.

It is the compelling of the third party to produce my documents I disagree with. There are already penalties in place should the subject of a warrant hinder investigation or destroy/hide evidence.

"I have been told that they cannot change your fundamental business practices," said Callas,

I think the immunity Congress was forced to grant to all of the telecoms in 2008 shows he underestimates the power of the NSA to not only compel a change to an existing business practice, but also to break the law.

It does not matter how strongly encrypted your documents are. The fourth amendment in the US constitution gives law enforcement a legal tool called warrants, so you will have to provide a key to decrypt your documents if a warrant is issued by a judge.

If you as a third party do not comply with the warrant then you are obviously committing obstruction of justice .

I am not American, and I would prefer it if American agencies didn't have access to my personal correspondence warrant or not.

I appreciate the indepth speculation of this article but the fact remains that the US Government has bullied a private citizen and a private company into doing something it did not want to do, while it was operating completely within the law, under some threat serious enough for that person to shut down his business.It is tyranny and needs to be stopped.Unfortunately, the reality is that people need to stand up and speak out under threat of imprisonment, take the jury trial route, and have a jury of your peers acquit you. Even more unfortunate, is that the system is so fucked now that:1. Innocent people get threat of imprisonment for some government witch hunt;2. Innocent people cave to threat and submit;3. Innocent cannot get courts to throw criminal cases out for those who do not submit;4. Innocent people who sue the government for said abuses cannot get government immunity withheld to get to jury trial;5. Innocent people spend big money to fight this tyranny vs. the infinite government budget;6. All the corrupt judges, politicians, police, and military/industrial/spy complex get more and more powerful.

"I have been told that they cannot change your fundamental business practices," said Callas,

I think the immunity Congress was forced to grant to all of the telecoms in 2008 shows he underestimates the power of the NSA to not only compel a change to an existing business practice, but also to break the law.

Yes, once you open the Pandora's box where they can make the law whatever they want it to be, all bets are off. I'm hoping the outcry will slow them down, but I doubt they can be stopped. They have been exposed employing illegal and unconstitutional means, and what happened? Nothing, they are going about business as usual.

It does not matter how strongly encrypted your documents are. The fourth amendment in the US constitution gives law enforcement a legal tool called warrants, so you will have to provide a key to decrypt your documents if a warrant is issued by a judge.If you as a third party do not comply with the warrant then you are obviously committing obstruction of justice .

The ability for the US government to compel you to turn over passwords or other keys is hotly debated and the courts are by no means settled on it.

The courts are not settled on it because many courts are so far removed from their primary job- enforcing the US Constitution. 5th Amendment in simpleze is that you do not have to tell on yourself or provide evidence against yourself.

The courts have it wrong and should be ashamed. Under the 5th Amendment, you should not have to provide passwords, urine, blood, breath, or say jack shit ever. It is up the government to prove you guilt beyond a reasonable doubt after an indictment based upon probable cause.

The other problem with the courts is that they are protecting the executive branch with super immunity from civil suit. If the DOJ would throw government employees in prison for violating the US Constitution, this stuff would stop- Immediately! If people could sue and get millions in damages for this type of tyranny or police brutality, this crap would stop- Immediately! Starve the beast...

Going on record to say that I've never received an NSL. If I do get one, I'll be unable to confirm or deny that I have.

Someone clearly didn't think that through.

I'm pretty sure the American Library Association does something like this, with a regularly updated list of libraries which have either NOT received an NSL that month, or can neither confirm nor deny it.

It does not matter how strongly encrypted your documents are. The fourth amendment in the US constitution gives law enforcement a legal tool called warrants, so you will have to provide a key to decrypt your documents if a warrant is issued by a judge.If you as a third party do not comply with the warrant then you are obviously committing obstruction of justice .

Who says? That is not what "warrants" are for. Warrants have historically fallen under the following categories:1. Search2. Arrest3. Execution;4. Dispossessory/eviction5. CommittalTheses do not include forcing a potential criminal suspect to tell on themselves. ie turn over passwords.

The other problem with the courts is that they are protecting the executive branch with super immunity from civil suit. If the DOJ would throw government employees in prison for violating the US Constitution, this stuff would stop- Immediately! If people could sue and get millions in damages for this type of tyranny or police brutality, this crap would stop- Immediately! Starve the beast...

They have been exposed employing illegal and unconstitutional means, and what happened? Nothing, they are going about business as usual.

Worse than nothing, they have quite literally been chastised by millions for illegal, immoral and unpopular actions. They have, for all intents and purposes, turned around and said "No, it's fine. This is legal, it's in your best interests, we're going to keep doing it whether you want it or not."

They are now acting almost certainly outside the law, they are definitely acting against the wishes of the majority, they are doing it all with impunity and on top of all this it's funded with money taken from the public.

I understand the wordplay that various parties are forced to use in order to convey information without violating the letter of the law, but the following phrase still concerns me:

Quote:

said Callas, who unlike Levison was able to say SilentCircle has received no NSLs or court orders of any kind.

The author, Mr. Goodin, is clearly implying that Levison is unable to say whether he has received an NSL. This is different from Levison merely stating that he cannot confirm whether he has or hasn't.

My only concern is that the gov might want to "subpoena" the contents of the actual interview to confirm whether Levison goofed up and mistakenly leaked why his response is "..neither confirm nor deny..".

I find it kind of hard to believe this guy builds an encrypted mail system, and doesn't realize that the underlying technology is controlled by the government. It's about the only piece of software that has had consistent export controls since forever. Even a few years ago CNG products from MS came with a big long warning about exporting the software. I'm not saying the export laws are even effective, but they do exist.

The courts are not settled on it because many courts are so far removed from their primary job- enforcing the US Constitution. 5th Amendment in simpleze is that you do not have to tell on yourself or provide evidence against yourself.

The courts have it wrong and should be ashamed. Under the 5th Amendment, you should not have to provide passwords, urine, blood, breath, or say jack shit ever. It is up the government to prove you guilt beyond a reasonable doubt after an indictment based upon probable cause.

The courts have long held that there are reasonable exceptions to virtually every power. Given that the first of these happened when most of the Framers were still alive and they didn't do much to change it, it's a good bet that they meant for it to be flexible. That's why your fingerprints can be taken on arrest.

In the case of drunk driving, you actually can refuse any and all testing, but this generally results in the immediate suspension or revocation of your license. Think about it: you're demanding that the government prove that someone was drunk and then denying the ability to collect any evidence other than the judgment of the arresting officer. A little leeway goes a long way not just in enforcing the law, but in protecting people from corrupt, angry, or tired cops declaring them drunk and that being the essential end of it.

Quote:

The other problem with the courts is that they are protecting the executive branch with super immunity from civil suit. If the DOJ would throw government employees in prison for violating the US Constitution, this stuff would stop- Immediately! If people could sue and get millions in damages for this type of tyranny or police brutality, this crap would stop- Immediately! Starve the beast...

All national governments have general immunity from civil suit and have since time immemorial because a lack of it would render every government completely incapable of functioning and lock the courts up completely. The United States is no different, and the Framers again backed this idea in their arguments and actions, even if it's not clearly spelled out with those words in the Constitution itself. In fact, when individual state sovereignty was threatened in a case involving Georgia, the Eleventh Amendment was quickly proposed and passed, taking less than a year to be ratified. There are exceptions written into the law, but they're limited and largely intended to keep government employees in line.

I understand the wordplay that various parties are forced to use in order to convey information without violating the letter of the law, but the following phrase still concerns me:

Quote:

said Callas, who unlike Levison was able to say SilentCircle has received no NSLs or court orders of any kind.

The author, Mr. Goodin, is clearly implying that Levison is unable to say whether he has received an NSL. This is different from Levison merely stating that he cannot confirm whether he has or hasn't.

My only concern is that the gov might want to "subpoena" the contents of the actual interview to confirm whether Levison goofed up and mistakenly leaked why his response is "..neither confirm nor deny..".

The legal minutiae are a gnat on an elephants ass. The law is whatever they say it is. The big issue is their assumption of unlimited coercive power. Defy them and you're in prison.

anyone who trusts an encrypted email store but depends on unencrypted emails is just asking for trouble. It's that simple.

If the e-mail is ever in the clear on the remote end, you have no real confidentiality.

could one design a system that provided better protection than lavabit? yes. for instance, let the messages come in the clear, but once encrypted on the server, are unable to be decrypted by the server at all (i.e. server never has the decryption key).

It sill wouldn't protect new incoming e-mail, but it would protect already received e-mail.

but in practice, if you need confidentiality, you need end to end confidentiality. Learn to use PGP. Or S/Mime.

Going on record to say that I've never received an NSL. If I do get one, I'll be unable to confirm or deny that I have.

Someone clearly didn't think that through.

His lawyer carefully crafted the reply. The first part you give is not in his statement.

The actual quote is:"Asked if he or Lavabit has received a National Security Letter or any sort of classified court order, he response is: "I can neither confirm nor deny that." "

Bluntly, he did receive an NSL with a clause stating that he is not allowed to tell anyone. If he had not received an NSL, then he would have been able to say "I have not received an NSL". Legally he is in compliance with the court order even as he violates the spirit of the order by not lying.

Confirming would violate the order, denial would be lying to the interviewer. Since he cannot confirm and does not wish to lie, then he can only reply with variations on "No comment".

It does not matter how strongly encrypted your documents are. The fourth amendment in the US constitution gives law enforcement a legal tool called warrants, so you will have to provide a key to decrypt your documents if a warrant is issued by a judge.

If you as a third party do not comply with the warrant then you are obviously committing obstruction of justice .

If things are encrypted such that you do not have access to the plaintext of the documents, the only thing you can do is hand over the cyphertext. If it were obstruction of justice to be unable to comply with a warrant, we'd be able to put people in prison for not handing over a unicorn.

The implication of his "speculations" is that the NSL required modification of source or procedure to allow harvesting of passwords and encryption keys. Since he could not comply without violating the Terms of Service, he shut the service down.

All this is speculation of course. The NSL that he cannot legally talk about contains the order he legally unable to describe...though he can "speculate" based on things he has known to be potential weaknesses

His lawyer carefully crafted the reply. The first part you give is not in his statement.

I didn't say it was. I was saying that *I* have not received one.

My point was that whoever came up with the gag order idea didn't think it through. Gag orders usually bar someone from discussing the content of something, not the something itself. Those work. These do not.

Going on record to say that I've never received an NSL. If I do get one, I'll be unable to confirm or deny that I have.

Someone clearly didn't think that through.

Your point brilliantly proves just how stupid people who make rules often are. Now they need a law that prohibits anyone from ever commenting about National Security Letters whether or not they have received one.

These are the issues we must push. Not 'they are reading all our emails' which is clearly clearly impossible and easy to refute as general alexander has been doing. What they are doing is building systems and databases so they could if they chose access any and all information on you at a later date. While also ensuring any secure systems have security holes and are basically scams if they continue to operate. Does it not seem outrageuosly unsecure to require every tech company in the US to ensure their systems are not secure? Alas NZ is about to legislate for this to be required...

A thought though... what happens if some linux distribution decides to implement full encryption by default, with keys generated on the machine at install in the home. They couldn't get the key off the the developers and any security holes would be open source due to licence obligations... and if everyone used linux :-p

It does not matter how strongly encrypted your documents are. The fourth amendment in the US constitution gives law enforcement a legal tool called warrants, so you will have to provide a key to decrypt your documents if a warrant is issued by a judge.

If you as a third party do not comply with the warrant then you are obviously committing obstruction of justice .

If things are encrypted such that you do not have access to the plaintext of the documents, the only thing you can do is hand over the cyphertext. If it were obstruction of justice to be unable to comply with a warrant, we'd be able to put people in prison for not handing over a unicorn.

The implication of his "speculations" is that the NSL required modification of source or procedure to allow harvesting of passwords and encryption keys. Since he could not comply without violating the Terms of Service, he shut the service down.

All this is speculation of course. The NSL that he cannot legally talk about contains the order he legally unable to describe...though he can "speculate" based on things he has known to be potential weaknesses

Right, but that's not what Jousle was saying. He was saying that it would be obstruction of justice not to turn over information you don't have. A warrant can't do that. An NSL may or may not require you to change your source code such that the government can access that information, and I think that should be illegal, especially with the self referential gag order that may or may not exist in reference to such an order. Nevertheless, the inability to comply with a warrant is not a crime.

anyone who trusts an encrypted email store but depends on unencrypted emails is just asking for trouble. It's that simple.

If the e-mail is ever in the clear on the remote end, you have no real confidentiality.

Any encrypted communication is only as safe as the security on either end, regardless of how good it is in the middle.

At this point... how much do you even trust VeriSign as a "trusted third party"? Forget the middle part too.

Verisign provides authentication, but it's not necessary for unbreakable p2p encryption. Stuff like OTR and PGP are theoretically unbreakable in transit, but that means nothing if either of the endpoints are compromised.

silly, silly americans. this is what belief in a few words on a raggedy old scrap of paper does for you. precisely nothing, you have spent decades spouting crap to the rest of the world about your "wonderful constitution" mean while your wonderful governments have been shafting the publics arse as much and as often as they like and now that some of you have noticed said shafting you seem surprised, why do you think rest of the world ignored your crap for so long? answer, because they knew it was crap. here in the uk, we have magna carter, its a load of crap, it gives certain protections to certain members of the elite, thats it, thats what it actuly says, which is why no ordinary member of the public attaches any importance to it, its just a few words on some scraps of paper. we learnt centuries ago that you try and control goverments actual behaviour to the public by watching what they do, not what they say they do in your name. your constitution should simply say, do as we say, not what we do.